Kevin D. Fairbanks

This paper describes a competition-style exercise to teach system and network security and reinforce themes taught in class. The exercise, called NetSecLab, is conducted on a closed network with student-formed teams, each with their own Linux system to defend and from which to launch attacks. Students are expected to learn how to (1) install the(More)
Keywords: Ext4; File system forensics; Digital forensics; Extents; Flex block groups. Abstract: This paper presents a low-level study and analysis of Ext4 file system data structures. It includes descriptions of extents, extent trees, directory indexing HTrees, and flex block groups. Currently, data about the file system is scattered with most sources(More)
There are many limitations when using file hashes to identify known content. Because changing just a single bit of a file changes its hash, pornographers, malware authors, and other miscreants can evade detection simply by changing a comma to a period or appending a few random bytes to a file. Likewise, hash-based identification will not work if sections(More)
Even the most secure computing system can be successfully attacked by a sufficiently motivated entity. To investigate the means of entry, the victim machine will come under the scrutiny of forensic analysis tools. In this era where system compromises occur on a regular basis, the design and implementation of operating systems should consider the necessity(More)